nss/lib/util/pkcs11n.h - Issue 13898013: Update NSS to NSS_3_15_BETA2.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: nss/lib/util/pkcs11n.h

Issue 13898013: Update NSS to NSS_3_15_BETA2. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/

Patch Set: Update NSS versions and tag in README.chromium Created 7 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: nss/lib/util/pkcs11n.h

===================================================================

--- nss/lib/util/pkcs11n.h (revision 195639)

+++ nss/lib/util/pkcs11n.h (working copy)

@@ -195,9 +195,29 @@

#define CKM_NSS_JPAKE_FINAL_SHA384 (CKM_NSS + 17)

#define CKM_NSS_JPAKE_FINAL_SHA512 (CKM_NSS + 18)

+/* Constant-time MAC mechanisms:

+ *

+ * These operations verify a padded, MAC-then-encrypt block of data in

+ * constant-time. Because of the order of operations, the padding bytes are not

+ * protected by the MAC. However, disclosing the value of the padding bytes

+ * gives an attacker the ability to decrypt ciphertexts. Such disclosure can be

+ * as subtle as taking slightly less time to perform the MAC when the padding

+ * is one byte longer. See https://www.isg.rhul.ac.uk/tls/

+ *

+ * CKM_NSS_HMAC_CONSTANT_TIME: performs an HMAC authentication.

+ * CKM_NSS_SSL3_MAC_CONSTANT_TIME: performs an authentication with SSLv3 MAC.

+ *

+ * Parameter type: CK_NSS_MAC_CONSTANT_TIME_PARAMS

+ */

#define CKM_NSS_HMAC_CONSTANT_TIME (CKM_NSS + 19)

#define CKM_NSS_SSL3_MAC_CONSTANT_TIME (CKM_NSS + 20)

+/* TLS 1.2 mechanisms */

+#define CKM_NSS_TLS_PRF_GENERAL_SHA256 (CKM_NSS + 21)

+#define CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256 (CKM_NSS + 22)

+#define CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256 (CKM_NSS + 23)

+#define CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256 (CKM_NSS + 24)

* HISTORICAL:

* Do not attempt to use these. They are only used by NETSCAPE's internal

@@ -243,7 +263,15 @@

CK_NSS_JPAKEPublicValue B; /* in */

} CK_NSS_JPAKEFinalParams;

-/* NOTE: the softoken's implementation of CKM_NSS_HMAC_CONSTANT_TIME and

+/* macAlg: the MAC algorithm to use. This determines the hash function used in

+ * the HMAC/SSLv3 MAC calculations.

+ * ulBodyTotalLen: the total length of the data, including padding bytes and

+ * padding length.

+ * pHeader: points to a block of data that contains additional data to

+ * authenticate. For TLS this includes the sequence number etc. For SSLv3,

+ * this also includes the initial padding bytes.

+ *

+ * NOTE: the softoken's implementation of CKM_NSS_HMAC_CONSTANT_TIME and

* CKM_NSS_SSL3_MAC_CONSTANT_TIME requires that the sum of ulBodyTotalLen

* and ulHeaderLen be much smaller than 2^32 / 8 bytes because it uses an

* unsigned int variable to represent the length in bits. This should not

« nss/lib/pkcs7/p7decode.c ('K') | « nss/lib/util/nssutil.h ('k') | nss/lib/util/seccomon.h » ('j') | nss/lib/util/secitem.h » ('J')